You can also place hooks in sched.c to log the information when process is scheduled in and out.
On Wed, Nov 5, 2008 at 2:01 PM, Jonathan 'Arrouan' ROUZAUD-CORNABAS <arrouan@xxxxxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I'm developping a kernel module that will monitore struct (or something
else) to generate event (or traces) when a process is over (i.e. its PID
disappear from the PID/PPID tree). Currently, I can do that by
monitoring the /proc directory but I am looking for a more robust (and
kernel side) way to do it.
I don't know where to start, hooking some functions in procfs ? Or
something similar already exists ? Or ... ?
I'm open to any solutions.
Thanks in advance
PS: If I need SELinux or GRSecurity/PaX to do that, it is not an issue.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFJEe2nrzp//Utz6jwRAp2ZAJ4sV46sLzMC93t7OsbwcWzHuc33ogCeIZEk
zqEzllfwV/r7op9Jr3Y3y8M=
=WF1T
-----END PGP SIGNATURE-----
--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ
--
http://linuxexplained.blogspot.com
